Category FILE
Started On 2018-05-25 12:13:06.813747
Completed On 2018-05-25 12:15:01.195344
Duration 114 seconds
Cuckoo Version 2.0-dev

Machine win7cuckoo
Label win7 Clone 1
Manager VirtualBox
Started On 2018-05-25 12:13:07
Shutdown On 2018-05-25 12:15:00

File Details

File name d9f2bdfe544801cbb2b0881f1379495c60e81f04.dll
File size 4490978 bytes
File type PE32 executable (GUI) Intel 80386, for MS Windows
CRC32 FB534D71
MD5 81ecbd3671fb0ad17aac7c0fd6e0115c
SHA1 d9f2bdfe544801cbb2b0881f1379495c60e81f04
SHA256 d15c88f4d4f8c0d0358506cdcec4207b66dd761bc179bee9e7ff22e15b97ac19
SHA512 5d3f47998867ae446f7cd65b191c19b3af778bbefd04332c3cf1180e20b0eb2108da6a7c5115b59c6ce2466e1b2c917db4806e48a30f9b40a3c57b5564580c74
Ssdeep None
PEiD None matched
Yara
  • Str_Win32_Http_API (Match Windows Http API call)
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=75, Anomalies=0, PEiD=0, Yara=0, VT[1527264917]=0): Snort Events=0, AV Events=0
Total Score=75

Signatures

antivm_queries_computername
recon_fingerprint
locates_browser
antivm_memory_available
raises_exception
openprocess_nonchild
Roaming_Profile_Modified
allocates_rwx
antivm_disk_size
creates_shortcut
privilege_luid_check
injection_duplicate_handle
nolookup_communication

Screenshots

No screenshots available.

Static Analysis

Version Infos

Sections

Resources

Imports

Strings